pooladdr.c

RADIUS协议的认证计费服务

/*
 *
 *      Copyright (c) 1996 Ascend Communications, Inc.
 *      All rights reserved.
 *
 *      Permission to copy, display, distribute and make derivative works
 *      from this material in whole or in part for any purpose is granted
 *      provided that the above copyright notice and this paragraph are
 *      duplicated in all copies.  THIS SOFTWARE IS PROVIDED "AS IS" AND
 *      WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING, WITHOUT
 *      LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 *      FOR A PARTICULAR PURPOSE.
 *
 */

/*
 * Copyright [C] The Regents of the University of Michigan and Merit Network,
 * Inc. 1992, 1993, 1994, 1995, 1996, 1997, 1998 All Rights Reserved
 *
 * Permission to use, copy, and modify this software and its documentation 
 * for any purpose and without fee is hereby granted, provided: 
 *
 * 1) that the above copyright notice and this permission notice appear in all
 *    copies of the software and derivative works or modified versions thereof, 
 *
 * 2) that both the copyright notice and this permission and disclaimer notice 
 *    appear in all supporting documentation, and 
 *
 * 3) that all derivative works made from this material are returned to the
 *    Regents of the University of Michigan and Merit Network, Inc. with
 *    permission to copy, to display, to distribute, and to make derivative
 *    works from the provided material in whole or in part for any purpose.
 *
 * Users of this code are requested to notify Merit Network, Inc. of such use
 * by sending email to aaa-admin@merit.edu
 *
 * Please also use aaa-admin@merit.edu to inform Merit Network, Inc of any
 * derivative works.
 *
 * Distribution of this software or derivative works or the associated
 * documentation is not allowed without an additional license.
 *
 * Licenses for other uses are available on an individually negotiated
 * basis.  Contact aaa-license@merit.edu for more information.
 *
 * THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE REGENTS OF THE
 * UNIVERSITY OF MICHIGAN AND MERIT NETWORK, INC. DO NOT WARRANT THAT THE
 * FUNCTIONS CONTAINED IN THE SOFTWARE WILL MEET LICENSEE'S REQUIREMENTS OR
 * THAT OPERATION WILL BE UNINTERRUPTED OR ERROR FREE.  The Regents of the
 * University of Michigan and Merit Network, Inc. shall not be liable for any
 * special, indirect, incidental or consequential damages with respect to any
 * claim by Licensee or any third party arising from use of the software.
 *
 * Merit AAA Server Support
 * Merit Network, Inc.
 * 4251 Plymouth Road, Suite C.
 * Ann Arbor, Michigan, USA 48105-2785
 *
 * attn:  John Vollbrecht
 * voice: 734-764-9430
 * fax:   734-647-3185
 * email: aaa-admin@merit.edu
 *
 */

/*
 *
 * Public entry points in this file:
 *
 */

static char     rcsid[] = "$Id: pooladdr.c,v 1.1.1.1 2001/08/10 20:49:28 bonze Exp $";

#include	<sys/types.h>
#include	<sys/param.h>
#include	<sys/time.h>
#include	<sys/errno.h>
#include	<sys/file.h>
#include	<sys/wait.h>
#include	<sys/socket.h>
#include	<net/if.h>
#include	<netinet/in.h>

#include	<stdio.h>
#include	<netdb.h>
#include	<errno.h>
#include	<signal.h>
#include	<memory.h>
#include	<syslog.h>

#include	"radius.h"

#ifndef IP_ADDR_POOL
static AATV     ip_alloc_aatv = DEF_AATV_DIRECT("IPPOOL", fatal_action);

AATVPTR         rad_ip_pool_aatv = & ip_alloc_aatv;
#else	/* IP_ADDR_POOL */

extern char     recv_buffer[RAD_RECV_BUFFER_SIZE];
extern char     send_buffer[RAD_SEND_BUFFER_SIZE];
extern int      debug_flag;
extern int      spawn_flag;     /* 0 => no spawning, 1 => spawning allowed */
extern char    *radius_dir;

static int      sockfd = -1;
static u_char   timeout;
static char     white_space[] = " \t\r\n";

static int      ip_address_recv PROTO((UINT4, AUTH_REQ *));
static int      ip_address_send PROTO((int, void *, UINT4, ipaddr_t,
					ADDRESS_CHUNK *, int));
static int      parse_global PROTO((char *, ADDRESS_CHUNK *));
static UINT4    parse_hosts PROTO((void));
static int      parse_pool PROTO((char *, ADDRESS_CHUNK **));
static void     pool_time_out PROTO((int));
RADIPA_PACKET  *reorder_integers PROTO((char*));
static int      try_connect PROTO((UINT4));

UINT4           addr;

#define	IP_POOL_TIME	3 * 60 /* Need a response within this time period */

static void     pool_init PROTO((AATV *));
static int      pool_addr PROTO((AUTH_REQ *, int, char *));
static void     pool_cleanup PROTO((void));

static AATV     ip_alloc_aatv = DEF_AATV_FREPLY_FULL("IPPOOL", -1, pool_init,
							NULL, pool_addr,
							pool_cleanup, 0);
AATVPTR         rad_ip_pool_aatv = & ip_alloc_aatv;

/*************************************************************************
 *
 *	Function: pool_init
 *
 *	Purpose: Initialize the TCP connection to the RADIPAD daemon.
 *
 *************************************************************************/

static void
pool_init (unused)

AATV   *unused;

{
	UINT4           addr;
	static int      init_count = 0;
	static char    *func = "pool_init";

	dprintf(2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	init_count++;
	if (init_count <= 1)	/* Ensure that users file is read into core. */
	{
		return;
	}

	if (sockfd == -1)
	{
		sockfd = socket (AF_INET, SOCK_STREAM, 0); /* for TCP */
	}

	/* This assumes the users file has been read into memory.  See above. */
	if ((addr = parse_hosts ()) == INADDR_ANY)
	{
		logit (LOG_DAEMON, LOG_ERR,
			"%s: No server listed for RADIPAD", func);
		return;
	}

	return;
} /* end of pool_init () */

/*************************************************************************
 *
 *	Function: pool_addr
 *
 *	Purpose: This is an AATV action function for the
 *		 PW_ASCEND_RADIPA_ALLOCATE [50] and
 *		 PW_ASCEND_RADIPA_RELEASE [51] requests.
 *
 *************************************************************************/

static int
pool_addr (authreq, value, afpar)

AUTH_REQ       *authreq;
int             value;
char           *afpar;

{
	int             cmd;
	int             count;
	int             how_many;
	int             loop_count;
	int             result;
	ipaddr_t        addr;
	UINT4           daemon;
	UINT4           ip_address;
	UINT4           router_ip_address;
	UINT4           z = (UINT4) 0;
	ADDRESS_CHUNK   chunks_0[MAX_ADDRESS_CHUNKS];
	ADDRESS_CHUNK  *chunks = chunks_0;
	ADDRESS_CHUNK  *payload;
	VALUE_PAIR     *vp;
	char           *user_name;
	struct sockaddr_in sin;
	sigset_t        signals;
	struct sigaction action;
	struct sigaction a_save;
	static char    *func = "pool_addr";

	dprintf(2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	/* Set up alarm and signal handler to bail us out if we take too long */
	alarm (IP_POOL_TIME); /* Make it pretty long */

	memset ((char *) &action, '\0', sizeof (action));
	sigemptyset (&signals);			/* Init signal enable mask */
	sigaddset (&signals, SIGALRM);  
	action.sa_handler = pool_time_out;	/* Set up our timeout handler */
	sigaction (SIGALRM, &action, &a_save);	/* Ready to handle it */
	sigprocmask (SIG_UNBLOCK, &signals, NULL);	/* Now allow alarm */

	/* If one was pending, we just took it. */
	timeout = (u_char) 0;	/* Initing now will ignore any pending alarm */

	if ((vp = get_vp (authreq->cur_request, PW_NAS_IP_ADDRESS)) == NULL_VP)
	{
		missing_attribute (authreq, func, PW_NAS_IP_ADDRESS, NULL);
		sigaction (SIGALRM, &a_save, NULL);	/* Restore state. */
		return EV_NAK;
	}
	router_ip_address = vp->lvalue;

	if (authreq->code == PW_ASCEND_RADIPA_ALLOCATE)
	{
		if ((vp = get_vp (authreq->cur_request,
					PW_USER_NAME)) == NULL_VP)
		{
			missing_attribute (authreq, func, PW_USER_NAME, NULL);
			sigaction (SIGALRM, &a_save, NULL); /* Restore state. */
			return EV_NAK;
		}
		user_name = vp->strvalue;	/* name of the router */

		count = parse_pool (user_name, &chunks);
		if (count == 0)
		{
			dprintf(2, (LOG_AUTH, LOG_DEBUG,
				"zero address chunks for %s", func, user_name));
			avpair_add (&authreq->cur_request,
						PW_FRAMED_IP_ADDRESS, &z, 0);
			sigaction (SIGALRM, &a_save, NULL); /* Restore state. */
			return EV_ACK;
		}
	}
	else /* was PW_ASCEND_RADIPA_RELEASE */
	{
		if ((vp = get_vp (authreq->cur_request,
					PW_FRAMED_IP_ADDRESS)) == NULL_VP)
		{
			missing_attribute (authreq, func,
						PW_FRAMED_IP_ADDRESS, NULL);
			sigaction (SIGALRM, &a_save, NULL); /* Restore state. */
			return EV_NAK;
		}
		ip_address = vp->lvalue;	/* address to release */
	}

	/* This assumes the users file has been read into memory. */
	if ((daemon = parse_hosts ()) == INADDR_ANY)
	{
		logit (LOG_DAEMON, LOG_ERR,
			"%s: No server listed for RADIPAD", func);
		sigaction (SIGALRM, &a_save, NULL);	/* Restore state. */
		return EV_NAK;
	}

	if (authreq->code == PW_ASCEND_RADIPA_ALLOCATE)
	{
		cmd = RADIPA_ALLOCATE;
		addr = INADDR_NONE;
		payload = chunks;
		how_many = count;
	}
	else /* was PW_ASCEND_RADIPA_RELEASE */
	{
		cmd = RADIPA_RELEASE;
		addr = ip_address;
		payload = (ADDRESS_CHUNK *) NULL;
		how_many = 0;
	} 

	loop_count = 0;
	do
	{
		if (ip_address_send (cmd, authreq, router_ip_address,
						addr, payload, how_many) < 0)
		{
			result = try_connect (daemon);
			switch (result)
			{
			    case 1:		/* Address was in use. */
				sleep (2);
				loop_count++;
				break;

			    case 0:
				loop_count = 3;	/* Indicate done with loop. */
				break;

			    case -1:		/* Some error occurred. */
				/* Restore signal state. */
				sigaction (SIGALRM, &a_save, NULL);
				return EV_NAK;
			}
			continue;
		} 
		break;
	} while (loop_count < 2);

	for (;;) /* Block for RADIPAD packet in this child process. */
	{
		if (ip_address_recv (daemon, authreq) < 0)
		{
			sigaction (SIGALRM, &a_save, NULL); /* Restore state. */
			return EV_NAK;
		}

		sigaction (SIGALRM, &a_save, NULL);	/* Restore state. */
		return EV_ACK;		/* It's a success! */
	}

} /* end of pool_addr () */

/*************************************************************************
 *
 *	Function: pool_cleanup
 *
 *	Purpose: Release the socket file descriptor.
 *
 *************************************************************************/

static void
pool_cleanup ()

{
	static char    *func = "pool_cleanup";

	dprintf(2, (LOG_AUTH, LOG_DEBUG, "%s: entered", func));

	close (sockfd);
	sockfd = -1;

	return;
} /* end of pool_cleanup () */

/*************************************************************************
 *
 *	Function: ip_address_send
 *
 *	Purpose: Sends IP address pool requests to RADIPAD.
 *
 *	Returns: number of bytes sent, or
 *		 -1, otherwise.
 *
 *************************************************************************/

static int
ip_address_send (code, handle, router_address, ipaddr, chunks, count)

int             code;
void           *handle;
UINT4           router_address;
ipaddr_t        ipaddr;
ADDRESS_CHUNK  *chunks;
int             count;

{
	int             bytes_sent;
	int             total_length;
	RADIPA_PACKET  *packet;
	static char    *func = "ip_address_send";

	dprintf(2, (LOG_DAEMON, LOG_DEBUG, "%s: entered", func));

	packet = (RADIPA_PACKET *) send_buffer;
	packet->rp_code = (char) code; /* RADIPA_ALLOCATE or RADIPA_RELEASE */
	packet->rp_pad = ~0;
	packet->rp_count = htons(count);
	packet->rp_handle = handle;
	packet->rp_router_address = router_address;
	packet->rp_ip_address = htonl(ipaddr);

	if (code == RADIPA_ALLOCATE)
	{